def auth_from_request(self, request):
result = {
k: request.GET[k]
for k in six.iterkeys(request.GET)
if k[:7] == 'sentry_'
}
if request.META.get('HTTP_X_SENTRY_AUTH', '')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation('Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation('Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
if not result:
raise APIUnauthorized('Unable to find authentication information')
origin = self.origin_from_request(request)
auth = Auth(result, is_public=bool(origin))
# default client to user agent
if not auth.client:
auth.client = request.META.get('HTTP_USER_AGENT')
return auth
def auth_from_request(self, request):
result = {
k: request.GET[k]
for k in six.iterkeys(request.GET) if k[:7] == 'sentry_'
}
if request.META.get('HTTP_X_SENTRY_AUTH', '')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation(
'Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION',
'')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation(
'Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
if not result:
raise APIUnauthorized('Unable to find authentication information')
origin = self.origin_from_request(request)
auth = Auth(result, is_public=bool(origin))
# default client to user agent
if not auth.client:
auth.client = request.META.get('HTTP_USER_AGENT')
return auth
def auth_from_request(cls, request):
result = {k: request.GET[k] for k in six.iterkeys(request.GET) if k[:7] == "sentry_"}
if request.META.get("HTTP_X_SENTRY_AUTH", "")[:7].lower() == "sentry ":
if result:
raise SuspiciousOperation("Multiple authentication payloads were detected.")
result = parse_auth_header(request.META["HTTP_X_SENTRY_AUTH"])
elif request.META.get("HTTP_AUTHORIZATION", "")[:7].lower() == "sentry ":
if result:
raise SuspiciousOperation("Multiple authentication payloads were detected.")
result = parse_auth_header(request.META["HTTP_AUTHORIZATION"])
if not result:
raise APIUnauthorized("Unable to find authentication information")
origin = cls.origin_from_request(request)
auth = Auth(
client=result.get("sentry_client"),
version=six.text_type(result.get("sentry_version")),
secret_key=result.get("sentry_secret"),
public_key=result.get("sentry_key"),
is_public=bool(origin),
)
# default client to user agent
if not auth.client:
auth.client = request.META.get("HTTP_USER_AGENT")
if isinstance(auth.client, bytes):
auth.client = auth.client.decode("latin1")
return auth
def extract_auth_vars(request):
if request.META.get("HTTP_X_SENTRY_AUTH", "").startswith("Sentry"):
return parse_auth_header(request.META["HTTP_X_SENTRY_AUTH"])
elif request.META.get("HTTP_AUTHORIZATION", "").startswith("Sentry"):
return parse_auth_header(request.META["HTTP_AUTHORIZATION"])
else:
return dict((k, request.GET[k]) for k in request.GET.iterkeys() if k.startswith("sentry_"))
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return request.GET
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return request.GET
def auth_from_request(cls, request):
result = {k: request.GET[k] for k in six.iterkeys(
request.GET) if k[:7] == 'sentry_'}
if request.META.get('HTTP_X_SENTRY_AUTH', '')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation(
'Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '')[:7].lower() == 'sentry ':
if result:
raise SuspiciousOperation(
'Multiple authentication payloads were detected.')
result = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
if not result:
raise APIUnauthorized('Unable to find authentication information')
origin = cls.origin_from_request(request)
auth = Auth(client=result.get('sentry_client'),
version=six.text_type(result.get('sentry_version')),
secret_key=result.get('sentry_secret'),
public_key=result.get('sentry_key'),
is_public=bool(origin))
# default client to user agent
if not auth.client:
auth.client = request.META.get('HTTP_USER_AGENT')
if isinstance(auth.client, bytes):
auth.client = auth.client.decode('latin1')
return auth
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return dict((k, request.GET[k]) for k in request.GET.iterkeys()
if k.startswith('sentry_'))
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
# Auth version 3.0 (same as 2.0, diff header)
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
# Auth version 2.0
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return None
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
# Auth version 3.0 (same as 2.0, diff header)
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
# Auth version 2.0
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return None
def extract_auth_vars(request):
if request.META.get("HTTP_X_SENTRY_AUTH", "").startswith("Sentry"):
# Auth version 3.0 (same as 2.0, diff header)
return parse_auth_header(request.META["HTTP_X_SENTRY_AUTH"])
elif request.META.get("HTTP_AUTHORIZATION", "").startswith("Sentry"):
# Auth version 2.0
return parse_auth_header(request.META["HTTP_AUTHORIZATION"])
else:
return None
def extract_auth_vars(request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
return parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
return dict(
(k, request.GET[k])
for k in request.GET.iterkeys()
if k.startswith('sentry_')
)
def auth_from_request(self, request):
if request.META.get("HTTP_X_SENTRY_AUTH", "").startswith("Sentry"):
result = parse_auth_header(request.META["HTTP_X_SENTRY_AUTH"])
elif request.META.get("HTTP_AUTHORIZATION", "").startswith("Sentry"):
result = parse_auth_header(request.META["HTTP_AUTHORIZATION"])
else:
result = dict((k, request.GET[k]) for k in request.GET.iterkeys() if k.startswith("sentry_"))
if not result:
raise APIUnauthorized("Unable to find authentication information")
origin = self.origin_from_request(request)
auth = Auth(result, is_public=bool(origin))
# default client to user agent
if not auth.client:
auth.client = request.META.get("HTTP_USER_AGENT")
return auth
def handle(self, data, address):
from sentry.utils.auth import parse_auth_header
from sentry.coreapi import (project_from_auth_vars, decode_and_decompress_data, safely_load_json_string,
validate_data, insert_data_to_database, APIError)
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
project = project_from_auth_vars(parse_auth_header(auth_header), data)
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data)
except InvalidTimestamp:
# Log the error, remove the timestamp, and revalidate
logger.error('Client %r passed an invalid value for timestamp %r' % (
data['timestamp'],
client or '<unknown client>',
))
del data['timestamp']
validate_data(project, data)
return insert_data_to_database(data)
except APIError, error:
logger.error('bad message from %s: %s' % (address, error.msg))
return error
def handle(self, data, address):
from sentry.utils.auth import parse_auth_header
from sentry.coreapi import (project_from_auth_vars,
decode_and_decompress_data,
safely_load_json_string,
ensure_valid_project_id,
insert_data_to_database, APIError)
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
project = project_from_auth_vars(parse_auth_header(auth_header),
data)
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
ensure_valid_project_id(project, data)
return insert_data_to_database(data)
except APIError, error:
logger.error('bad message from %s: %s' % (address, error.msg))
return error
def handle_sentry(data, address):
from sentry.exceptions import InvalidData
from sentry.coreapi import project_from_auth_vars, decode_and_decompress_data, \
safely_load_json_string, validate_data, insert_data_to_database, APIError
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
auth_vars = parse_auth_header(auth_header)
project = project_from_auth_vars(auth_vars, data)
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(unicode(e))
return insert_data_to_database(data)
def handle_sentry(data, address):
from sentry.exceptions import InvalidData
from sentry.coreapi import project_from_auth_vars, decode_and_decompress_data, \
safely_load_json_string, validate_data, insert_data_to_database, APIError
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
auth_vars = parse_auth_header(auth_header)
project = project_from_auth_vars(auth_vars, data)
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(unicode(e))
return insert_data_to_database(data)
def auth_from_request(self, request):
if request.META.get('HTTP_X_SENTRY_AUTH', '').startswith('Sentry'):
result = parse_auth_header(request.META['HTTP_X_SENTRY_AUTH'])
elif request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
result = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
else:
result = dict((k, request.GET[k]) for k in request.GET.iterkeys()
if k.startswith('sentry_'))
if not result:
raise APIUnauthorized('Unable to find authentication information')
origin = self.origin_from_request(request)
auth = Auth(result, is_public=bool(origin))
# default client to user agent
if not auth.client:
auth.client = request.META.get('HTTP_USER_AGENT')
return auth
def handle_sentry(data, address):
from sentry.coreapi import (
project_from_auth_vars,
decode_and_decompress_data,
safely_load_json_string,
validate_data,
insert_data_to_database,
APIError,
APIForbidden,
)
from sentry.models import Group
from sentry.exceptions import InvalidData
from sentry.plugins import plugins
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
try:
auth_vars = parse_auth_header(auth_header)
except (ValueError, IndexError):
raise APIError("invalid auth header")
project, user = project_from_auth_vars(auth_vars)
result = plugins.first("has_perm", user, "create_event", project)
if result is False:
raise APIForbidden("Creation of this event was blocked")
client = auth_vars.get("sentry_client")
if not data.startswith("{"):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u"Invalid data: %s (%s)" % (unicode(e), type(e)))
Group.objects.normalize_event_data(data)
return insert_data_to_database(data)
def handle_sentry(data, address):
from sentry.coreapi import (project_from_auth_vars,
decode_and_decompress_data,
safely_load_json_string, validate_data,
insert_data_to_database, APIError,
APIForbidden)
from sentry.models import Group
from sentry.exceptions import InvalidData
from sentry.plugins import plugins
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
try:
auth_vars = parse_auth_header(auth_header)
except (ValueError, IndexError):
raise APIError('invalid auth header')
project, user = project_from_auth_vars(auth_vars)
result = plugins.first('has_perm', user, 'create_event', project)
if result is False:
raise APIForbidden('Creation of this event was blocked')
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u'Invalid data: %s (%s)' % (unicode(e), type(e)))
Group.objects.normalize_event_data(data)
return insert_data_to_database(data)
def handle(self, data, address):
from sentry.utils.auth import parse_auth_header
from sentry.coreapi import (project_from_auth_vars, decode_and_decompress_data, safely_load_json_string,
ensure_valid_project_id, insert_data_to_database, APIError)
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
project = project_from_auth_vars(parse_auth_header(auth_header), data)
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
ensure_valid_project_id(project, data)
return insert_data_to_database(data)
except APIError, error:
logger.error('bad message from %s: %s' % (address, error.msg))
return error
def handle_sentry(data, address):
from sentry.coreapi import project_from_auth_vars, decode_and_decompress_data, \
safely_load_json_string, validate_data, insert_data_to_database, APIError, \
APIForbidden
from sentry.exceptions import InvalidData
from sentry.plugins import plugins
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
try:
auth_vars = parse_auth_header(auth_header)
except (ValueError, IndexError):
raise APIError('invalid auth header')
project, user = project_from_auth_vars(auth_vars)
result = plugins.first('has_perm', user, 'create_event', project)
if result is False:
raise APIForbidden('Creation of this event was blocked')
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u'Invalid data: %s (%s)' % (unicode(e), type(e)))
return insert_data_to_database(data)
